01-29-2023, 06:35 PM
Hi all,
while cracking around with a md5 hash list with 172M entries (145M found) I wanted to dive deeper and found that there are many bot entries as passwords which always have a structure like this:
- prefix (optional), chain_of_ascii_chars, suffix (optional)
For example (no real entry):
stello123 (=prefix) xCg532%@%gdvf^5DGaa6&*rFTfg^FD4$OIFThrR_gH(ugf*/ (chain_of_ascii_chars)
So I created the following cmdline in a Win11 terminal (Ryzen 9 5950X 16-Core, GTX 1080Ti, 32G RAM):
"hashcat -m 0 -a 3 -o HB_bots.txt Hash_BenchXVI.hash ?l?l?l?l?l?d?d?dxCg532%@%gdvf^5DGaa6&*rFTfg^FD4$OIFThrR_gH(ugf*/ -O -w 3"
Hashcat starts but in the status you can see first the guess mask with:
?l?l?l?l?l?d?d?dxCg532%@%gdvf5DGaa6 [27]
and the following candidates like:
ezcup801xCg532%@%gdvf5DGaa6
If you hit Ctrl-C or hashcat comes to the end the following line appears:
(translated from german to english):
The command "*rFTfgFD4$OIFThrR_gH" is either wrong typed or could not be found.
It seems, that the ampersand char (&) causes some kind of "escaping" so the whole string isn't available to hashcat.
Any kind of quotes didn't help so far. Any suggestions?
Best regards, Konubixe
while cracking around with a md5 hash list with 172M entries (145M found) I wanted to dive deeper and found that there are many bot entries as passwords which always have a structure like this:
- prefix (optional), chain_of_ascii_chars, suffix (optional)
For example (no real entry):
stello123 (=prefix) xCg532%@%gdvf^5DGaa6&*rFTfg^FD4$OIFThrR_gH(ugf*/ (chain_of_ascii_chars)
So I created the following cmdline in a Win11 terminal (Ryzen 9 5950X 16-Core, GTX 1080Ti, 32G RAM):
"hashcat -m 0 -a 3 -o HB_bots.txt Hash_BenchXVI.hash ?l?l?l?l?l?d?d?dxCg532%@%gdvf^5DGaa6&*rFTfg^FD4$OIFThrR_gH(ugf*/ -O -w 3"
Hashcat starts but in the status you can see first the guess mask with:
?l?l?l?l?l?d?d?dxCg532%@%gdvf5DGaa6 [27]
and the following candidates like:
ezcup801xCg532%@%gdvf5DGaa6
If you hit Ctrl-C or hashcat comes to the end the following line appears:
(translated from german to english):
The command "*rFTfgFD4$OIFThrR_gH" is either wrong typed or could not be found.
It seems, that the ampersand char (&) causes some kind of "escaping" so the whole string isn't available to hashcat.
Any kind of quotes didn't help so far. Any suggestions?
Best regards, Konubixe